Bugzilla – Attachment 3550 Details for
Bug 3349
Test sshd in chroot fails when syscall close_range is undefined and openssh is built with glibc 2.34
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
shim closefrom and check kernel version
openssh-closefrom-fallback.patch (text/plain), 1.59 KB, created by
Darren Tucker
on 2021-10-08 18:17:34 AEDT
(
hide
)
Description:
shim closefrom and check kernel version
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2021-10-08 18:17:34 AEDT
Size:
1.59 KB
patch
obsolete
>diff --git a/openbsd-compat/bsd-closefrom.c b/openbsd-compat/bsd-closefrom.c >index 8fadca2d..7c87c0be 100644 >--- a/openbsd-compat/bsd-closefrom.c >+++ b/openbsd-compat/bsd-closefrom.c >@@ -16,7 +16,7 @@ > > #include "includes.h" > >-#ifndef HAVE_CLOSEFROM >+#if !defined(HAVE_CLOSEFROM) || defined(BROKEN_LINUX_CLOSEFROM) > > #include <sys/types.h> > #include <sys/param.h> >@@ -91,6 +91,27 @@ closefrom(int lowfd) > { > (void) fcntl(lowfd, F_CLOSEM, 0); > } >+#elif defined(HAVE_CLOSEFROM) && defined(BROKEN_LINUX_CLOSEFROM) >+# undef closefrom >+#include <sys/utsname.h> >+void >+_compat_linux_closefrom(int lowfd) >+{ >+ struct utsname un; >+ char *p, *op = NULL, *maj, *min; >+ int fallback = 0; >+ >+ /* If version is < 5.9 or int conversions fail, use fallback. */ >+ if (uname(&un) != 0 || (op = p = strdup(un.release)) == NULL || >+ (maj = strsep(&p, ".")) == NULL || (min = strsep(&p, ".")) == NULL >+ || atoi(maj) < 5 || atoi(min) < 9) >+ fallback = 1; >+ free(op); >+ if (fallback) >+ closefrom_fallback(lowfd); >+ else >+ closefrom(lowfd); >+} > #elif defined(HAVE_LIBPROC_H) && defined(HAVE_PROC_PIDINFO) > void > closefrom(int lowfd) >diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h >index a7209ceb..a21b8c50 100644 >--- a/openbsd-compat/openbsd-compat.h >+++ b/openbsd-compat/openbsd-compat.h >@@ -63,6 +63,10 @@ int bindresvport_sa(int sd, struct sockaddr *sa); > > #ifndef HAVE_CLOSEFROM > void closefrom(int); >+#elif defined(__linux__) && defined(__GLIBC__) >+# define BROKEN_LINUX_CLOSEFROM >+# define closefrom(x) _compat_linux_closefrom(x) >+void _compat_linux_closefrom(int); > #endif > > #ifndef HAVE_GETLINE
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3550">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 3349
:
3548
|
3550
|
3551
|
3552